blog:nitko_web_server_security_assessment
This is an old revision of the document!
Table of Contents
Nitko web server security assessment
Nikto performs automated tests agains webservers.
- Program: http://www.cirt.net/nikto2
Nikto does require the LibWhisker Perl module, but this is built into the program so it does not need to be installed. You will want to install the Net::SSLeay Perl module if you want to test SSL.
Install Net::SSLeay
or on Debian (or Ubuntu, of course)
apt-get install libcrypt-ssleay-perl libnet-ssleay-perl
For all distributions, installing from CPAN:
perl -MCPAN -e shell; Cpan> install Net::SSLeay
Download nikto
You can find a download of the current version from http://www.cirt.net/nikto2
mkdir /usr/src mv nikto-current.tar.gz /usr/src cd /usr/src
Untar the program.
tar zxvf nikto-current.tar.gz
Basic Scan
perl nikto.pl -h
perl nikto.pl -h 192.168.5.103
~~LINKBACK~~
blog/nitko_web_server_security_assessment.1243152775.txt.gz · Last modified: 2009-05-24 10:12 by brb
Discussion